Skip to content

Commit

Permalink
added sed cmd to transform querySuite (SAP#4945)
Browse files Browse the repository at this point in the history
* added sed cmd to transform querySuite

* changed sh to bash

* added checking os

* fixed tests by mocking utils

* fixed tests

* renamed param

---------

Co-authored-by: sumeet patil <[email protected]>
  • Loading branch information
2 people authored and maxatsap committed Jul 23, 2024
1 parent c983adc commit 69adf22
Show file tree
Hide file tree
Showing 4 changed files with 91 additions and 19 deletions.
26 changes: 20 additions & 6 deletions cmd/codeqlExecuteScan.go
Original file line number Diff line number Diff line change
Expand Up @@ -59,9 +59,23 @@ func codeqlExecuteScan(config codeqlExecuteScanOptions, telemetryData *telemetry
influx.step_data.fields.codeql = true
}

func appendCodeqlQuery(cmd []string, codeqlQuery string) []string {
if len(codeqlQuery) > 0 {
cmd = append(cmd, codeqlQuery)
func appendCodeqlQuerySuite(utils codeqlExecuteScanUtils, cmd []string, querySuite, transformString string) []string {
if len(querySuite) > 0 {
if len(transformString) > 0 {
var bufferOut, bufferErr bytes.Buffer
utils.Stdout(&bufferOut)
defer utils.Stdout(log.Writer())
utils.Stderr(&bufferErr)
defer utils.Stderr(log.Writer())
if err := utils.RunExecutable("sh", []string{"-c", fmt.Sprintf("echo %s | sed -E \"%s\"", querySuite, transformString)}...); err != nil {
log.Entry().WithError(err).Error("failed to transform querySuite")
e := bufferErr.String()
log.Entry().Error(e)
} else {
querySuite = strings.TrimSpace(bufferOut.String())
}
}
cmd = append(cmd, querySuite)
}

return cmd
Expand Down Expand Up @@ -271,7 +285,7 @@ func runGithubUploadResults(config *codeqlExecuteScanOptions, repoInfo *codeql.R
func executeAnalysis(format, reportName string, customFlags map[string]string, config *codeqlExecuteScanOptions, utils codeqlExecuteScanUtils) ([]piperutils.Path, error) {
moduleTargetPath := filepath.Join(config.ModulePath, "target")
report := filepath.Join(moduleTargetPath, reportName)
cmd, err := prepareCmdForDatabaseAnalyze(customFlags, config, format, report)
cmd, err := prepareCmdForDatabaseAnalyze(utils, customFlags, config, format, report)
if err != nil {
log.Entry().Errorf("failed to prepare command for codeql database analyze (format=%s)", format)
return nil, err
Expand Down Expand Up @@ -323,11 +337,11 @@ func prepareCmdForDatabaseCreate(customFlags map[string]string, config *codeqlEx
return cmd, nil
}

func prepareCmdForDatabaseAnalyze(customFlags map[string]string, config *codeqlExecuteScanOptions, format, reportName string) ([]string, error) {
func prepareCmdForDatabaseAnalyze(utils codeqlExecuteScanUtils, customFlags map[string]string, config *codeqlExecuteScanOptions, format, reportName string) ([]string, error) {
cmd := []string{"database", "analyze", "--format=" + format, "--output=" + reportName, config.Database}
cmd = codeql.AppendThreadsAndRam(cmd, config.Threads, config.Ram, customFlags)
cmd = codeql.AppendCustomFlags(cmd, customFlags)
cmd = appendCodeqlQuery(cmd, config.QuerySuite)
cmd = appendCodeqlQuerySuite(utils, cmd, config.QuerySuite, config.TransformQuerySuite)
return cmd, nil
}

Expand Down
11 changes: 11 additions & 0 deletions cmd/codeqlExecuteScan_generated.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

66 changes: 53 additions & 13 deletions cmd/codeqlExecuteScan_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
package cmd

import (
"fmt"
"io"
"os"
"strings"
"testing"
Expand All @@ -21,7 +23,11 @@ type codeqlExecuteScanMockUtils struct {

func newCodeqlExecuteScanTestsUtils() codeqlExecuteScanMockUtils {
utils := codeqlExecuteScanMockUtils{
ExecMockRunner: &mock.ExecMockRunner{},
ExecMockRunner: &mock.ExecMockRunner{
Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
return nil
},
},
FilesMock: &mock.FilesMock{},
HttpClientMock: &mock.HttpClientMock{},
}
Expand Down Expand Up @@ -406,12 +412,13 @@ func TestPrepareCmdForDatabaseCreate(t *testing.T) {

func TestPrepareCmdForDatabaseAnalyze(t *testing.T) {
t.Parallel()
utils := codeqlExecuteScanMockUtils{}

t.Run("No additional flags, no querySuite, sarif format", func(t *testing.T) {
config := &codeqlExecuteScanOptions{
Database: "codeqlDB",
}
cmd, err := prepareCmdForDatabaseAnalyze(map[string]string{}, config, "sarif-latest", "target/codeqlReport.sarif")
cmd, err := prepareCmdForDatabaseAnalyze(utils, map[string]string{}, config, "sarif-latest", "target/codeqlReport.sarif")
assert.NoError(t, err)
assert.NotEmpty(t, cmd)
assert.Equal(t, 5, len(cmd))
Expand All @@ -422,7 +429,7 @@ func TestPrepareCmdForDatabaseAnalyze(t *testing.T) {
config := &codeqlExecuteScanOptions{
Database: "codeqlDB",
}
cmd, err := prepareCmdForDatabaseAnalyze(map[string]string{}, config, "csv", "target/codeqlReport.csv")
cmd, err := prepareCmdForDatabaseAnalyze(utils, map[string]string{}, config, "csv", "target/codeqlReport.csv")
assert.NoError(t, err)
assert.NotEmpty(t, cmd)
assert.Equal(t, 5, len(cmd))
Expand All @@ -434,7 +441,7 @@ func TestPrepareCmdForDatabaseAnalyze(t *testing.T) {
Database: "codeqlDB",
QuerySuite: "security.ql",
}
cmd, err := prepareCmdForDatabaseAnalyze(map[string]string{}, config, "sarif-latest", "target/codeqlReport.sarif")
cmd, err := prepareCmdForDatabaseAnalyze(utils, map[string]string{}, config, "sarif-latest", "target/codeqlReport.sarif")
assert.NoError(t, err)
assert.NotEmpty(t, cmd)
assert.Equal(t, 6, len(cmd))
Expand All @@ -448,7 +455,7 @@ func TestPrepareCmdForDatabaseAnalyze(t *testing.T) {
Threads: "1",
Ram: "2000",
}
cmd, err := prepareCmdForDatabaseAnalyze(map[string]string{}, config, "sarif-latest", "target/codeqlReport.sarif")
cmd, err := prepareCmdForDatabaseAnalyze(utils, map[string]string{}, config, "sarif-latest", "target/codeqlReport.sarif")
assert.NoError(t, err)
assert.NotEmpty(t, cmd)
assert.Equal(t, 8, len(cmd))
Expand All @@ -465,7 +472,7 @@ func TestPrepareCmdForDatabaseAnalyze(t *testing.T) {
customFlags := map[string]string{
"--threads": "--threads=2",
}
cmd, err := prepareCmdForDatabaseAnalyze(customFlags, config, "sarif-latest", "target/codeqlReport.sarif")
cmd, err := prepareCmdForDatabaseAnalyze(utils, customFlags, config, "sarif-latest", "target/codeqlReport.sarif")
assert.NoError(t, err)
assert.NotEmpty(t, cmd)
assert.Equal(t, 8, len(cmd))
Expand All @@ -482,7 +489,7 @@ func TestPrepareCmdForDatabaseAnalyze(t *testing.T) {
customFlags := map[string]string{
"-j": "-j=2",
}
cmd, err := prepareCmdForDatabaseAnalyze(customFlags, config, "sarif-latest", "target/codeqlReport.sarif")
cmd, err := prepareCmdForDatabaseAnalyze(utils, customFlags, config, "sarif-latest", "target/codeqlReport.sarif")
assert.NoError(t, err)
assert.NotEmpty(t, cmd)
assert.Equal(t, 8, len(cmd))
Expand All @@ -499,7 +506,7 @@ func TestPrepareCmdForDatabaseAnalyze(t *testing.T) {
customFlags := map[string]string{
"--no-download": "--no-download",
}
cmd, err := prepareCmdForDatabaseAnalyze(customFlags, config, "sarif-latest", "target/codeqlReport.sarif")
cmd, err := prepareCmdForDatabaseAnalyze(utils, customFlags, config, "sarif-latest", "target/codeqlReport.sarif")
assert.NoError(t, err)
assert.NotEmpty(t, cmd)
assert.Equal(t, 9, len(cmd))
Expand Down Expand Up @@ -559,21 +566,54 @@ func TestPrepareCmdForUploadResults(t *testing.T) {
})
}

func TestAppendCodeqlQuery(t *testing.T) {
func TestAppendCodeqlQuerySuite(t *testing.T) {
t.Parallel()

t.Run("Empty query", func(t *testing.T) {
utils := newCodeqlExecuteScanTestsUtils()
cmd := []string{"database", "analyze"}
query := ""
cmd = appendCodeqlQuery(cmd, query)
querySuite := ""
cmd = appendCodeqlQuerySuite(utils, cmd, querySuite, "")
assert.Equal(t, 2, len(cmd))
})

t.Run("Not empty query", func(t *testing.T) {
utils := newCodeqlExecuteScanTestsUtils()
cmd := []string{"database", "analyze"}
querySuite := "java-extended.ql"
cmd = appendCodeqlQuerySuite(utils, cmd, querySuite, "")
assert.Equal(t, 3, len(cmd))
})

t.Run("Add prefix to querySuite", func(t *testing.T) {
utils := codeqlExecuteScanMockUtils{
ExecMockRunner: &mock.ExecMockRunner{
Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
stdout.Write([]byte("test-java-security-extended.qls"))
return nil
},
},
}
cmd := []string{"database", "analyze"}
querySuite := "java-security-extended.qls"
cmd = appendCodeqlQuerySuite(utils, cmd, querySuite, `s/^(java|python)-(security-extended\.qls|security-and-quality\.qls)/test-\1-\2/`)
assert.Equal(t, 3, len(cmd))
assert.Equal(t, "test-java-security-extended.qls", cmd[2])
})

t.Run("Don't add prefix to querySuite", func(t *testing.T) {
utils := codeqlExecuteScanMockUtils{
ExecMockRunner: &mock.ExecMockRunner{
Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
return fmt.Errorf("error")
},
},
}
cmd := []string{"database", "analyze"}
query := "java-extended.ql"
cmd = appendCodeqlQuery(cmd, query)
querySuite := "php-security-extended.qls"
cmd = appendCodeqlQuerySuite(utils, cmd, querySuite, `s/^(java|python)-(security-extended\.qls|security-and-quality\.qls)/test-\1-\2/`)
assert.Equal(t, 3, len(cmd))
assert.Equal(t, "php-security-extended.qls", cmd[2])
})
}

Expand Down
7 changes: 7 additions & 0 deletions resources/metadata/codeqlExecuteScan.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,13 @@ spec:
- STEPS
- STAGES
- PARAMETERS
- name: transformQuerySuite
type: string
description: "A transform string that will be applied to the querySuite using the sed command."
scope:
- STEPS
- STAGES
- PARAMETERS
containers:
- image: ""
outputs:
Expand Down

0 comments on commit 69adf22

Please sign in to comment.